QUESTION 43
Drag and Drop Question
Drag and drop the elements of incident handling from the left into the correct order on the right.
Answer:

QUESTION 44
You receive an alert for malicious code that exploits Internet Explorer and runs arbitrary code on the site visitor's machine. The malicious code is on an external site that is being visited by hosts on your network. Which user agent in the HTTP headers in the requests from your internal hosts warrants further investigation?

QUESTION 45
A user on your network receives an email in their mailbox that contains a malicious attachment. There is no indication that the file was run. Which category as defined in the Diamond Model of Intrusion does this activity fall under?

A. reconnaissance
B. weaponization
C. delivery
D. installation

Answer: A

QUESTION 46
Refer to the Exhibit. A customer reports that they cannot access your organization’s website. Which option is a possible reason that the customer cannot access the website?

A. The server at 10.33.1.5 is using up too much bandwidth causing a denial-of-service.
B. The server at 10.67.10.5 has a virus.
C. A vulnerability scanner has shown that 10.67.10.5 has been compromised.
D. Web traffic sent from 10.67.10.5 has been identified as malicious by Internet sensors.

Answer: C

QUESTION 47
Which identifies both the source and destination location?

A. IP address
B. URL
C. ports
D. MAC address

Answer: C

QUESTION 48
Drag and Drop Question
Refer to the exhibit. Drag and drop the element name from the left onto the correct piece of the PCAP file on the right.
Answer:

QUESTION 49
Which type of analysis assigns values to scenarios to see what the outcome might be in each scenario?

A. deterministic
B. exploratory
C. probabilistic
D. descriptive

Answer: D

QUESTION 50
Which feature is used to find possible vulnerable services running on a server?